To round out our Perfecting the Proposal series, we have saved the most critical element for last: Compliance. Remember, the first proposal commandment is: Be Compliant, Not Complacent. Travis Hogan, Operations Officer for Trident Proposal Management, gives us insights about compliance checking using a proposal compliance matrix.
The Compliance Matrix
Immediately after the RFP comes out, you’ll need to read through the entire RFP to create a compliance matrix. This is a spreadsheet that lists every single requirement, line-by-line. Anytime the RFP says: “Thou shalt do x,” x becomes a single line item in a spreadsheet. By the time you’ve combed through the entire document and supporting documents (more on that below), your spreadsheet can be anywhere from 200-1000+ lines.
If something changes in the RFP at any time before the due date, immediately update your compliance matrix. This way, when you do your compliance reviews, the changes will be accounted for in your matrix so you can make sure they are in the proposal.
Vague Requirements in the RFP and Getting Answers
The government can be misleading or confusing at times in the RFP. It happens. A requirement might be vague, or two or more requirements could completely contradict each other. It’s important for your team to quickly come to a resolution so that your proposal stays on schedule. Here’s what you do when you don’t know what to do:
- Go back to the customer. After they release the RFP, they customarily give contractors a window to ask questions. Use that time wisely. Even if that time has expired, the customer might still be open to questions.
- Unclog your ears. By holding rigorous debates within your team, (which should include a subject matter expert with direct experience with the customer) you can avoid Groupthink is a term used for when members of a group share such similar positions that there are no dissenting voices.
Compliance/Technical Edits in the Proposal Process
The compliance checker should always be someone with fresh eyes—never someone on the development team. The compliance checker may also be the tech editor. While having one person do both is common in the interest of time, Hogan says it’s a bad idea for two reasons: 1. That person will have to multitask and won’t be as accurate.
Hogan says, “It almost uses two different sides of my brain. Compliance uses my more mathematical side, whereas tech editing uses my more artistic side.” 2. The tech editor won’t have fresh eyes for the compliance check, as he or she has already been mired in the document.
The first compliance check should be done by the checker mid-way or two-thirds through the development process, also called the Middle Edit. For the Middle Edit, get out your compliance matrix and go line-item-by-line-item, mapping each requirement back to your proposal. You’ll grade each requirement as met, not met or partially met. The compliance checker does the final review when the response is finished or nearly finished. While this edit is faster, (teams rarely delete a fulfilled requirement once they’ve put it in), you’ll need to be equally diligent.
When the Compliance Skies Go Dark
Often, mistakes are made during that 30-day response window. Hogan shares some of the more common mistakes government contractors make.
#1. Non-Compliance with nitpicky requirements. Little mistakes factor hugely into compliance. These are items like; page count, table formatting, font, and font-size restrictions, table and figure headings, incorrect page numbers (location or sequence), and title page layout. If you miss anything, you can be disqualified for non-compliance, even if you’ve met all the other requirements in your proposal.
#2. Buried requirements. The government will sometimes require a supporting piece of evidence and point to a subdocument that you must fill out, a common example would be a past performance form. On that form could be one question about why this past performance is relevant. Hogan warns, “You need to look at all the supporting documents carefully and put their ‘hidden requirements’ in your compliance matrix.”
#3. Missing the changes in the RFP. The government can, and often does, change the requirements in the middle of a proposal. You have to continually monitor the location where the government released the RFP (i.e., website, contracting portal, email) to be aware of any changes or updates that are posted.
When the Compliance Stars Align
Hogan shares some of the things that make his job as compliance checker so much easier.
#1. The nitpicky items are perfect. When Hogan does his final compliance check, he looks at the finely detailed admin requirements first, starting with the title page and then combing through the document. When these things are right, Hogan says “I find it comforting. I know the team has their stuff together and they’re paying attention.”
#2. The proposal maps to the requirements. It should not be difficult for the Technical Evaluation Board (TEB) to map your response back to the requirements. However, if your response to the government’s requirements are in the same order as the RFP it is very possible that your response won’t flow or make any sense. In those cases, it’s fine to answer out of order, as long as you clearly label the section in the RFP you are responding to. This is called compliance mapping. As Hogan says, “My biggest pet peeve is not compliance mapping. I have to take all the puzzle pieces in the response and dig through the compliance matrix to find what requirement they are addressing. If it bothers your compliance checker, think of how much it will bother the TEB.” This goes back to the second proposal commandment: Don’t Vex the Busy Grader. Make everything easy on the grader (and on your compliance checker.)
In our Perfecting the Proposals series, we reached to the experts at Trident Proposals for valuable insider tips on how to write a proposal that captures a government contract. We talked about the three proposal commandments, preparing for an expert oral response, deftly managing the proposal process, checking and editing throughout, incorporating high impact writing techniques, and finally, crafting a detailed compliance matrix. If you have any further questions or suggestions for points we might have included, please let us know. Otherwise, happy hunting and good luck!
Security requirements from the DoD for federal contractors are evolving and are more extensive and complex than many govcon’s realize. These include not only cybersecurity protection of government systems and data that contractors use and access - but also protection...
The Only CMMC-Compliant CRM, Sales & Proposal Management Platform for CUI Data Protection – Capture2Proposal Achieves 3PAO Compliance
Information and document security is an increasing concern for the U.S. Federal government, both for internal systems and for systems operated by contractors or suppliers. Recently, the National Institute of Standards and Technology (NIST) published updated guidance...
How a Cloud Services Provider for CRM and Proposal Management Reduces Your Risk and Cost of CMMC Compliance Introduction The Department of Defense (DoD) created the Cybersecurity Maturity Model Certification (CMMC) as a comprehensive framework to protect the defense...